Thanks Jim for the response. One more thing... Is there anyway to kick off logon scripts when users connect via vpn so their network drives are mapped? Thanks! -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Friday, October 11, 2002 11:15 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: VPN - Any thoughts on this? http://www.ISAserver.org Hi Bryan, 1. You're correct; unchecking "use default gateway" effectively bridges the two networks via the VPN client. This is an easy way to solve the question of "hot to access the Internet while RRAS'd into the network, but it's also the least secure. 2. Set the ISA proxy settings in the VPN connectoid part of the users IE connection settings and install the FW client on them. That way, they'll use the ISA they dialed into. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the help / books / articles! ----- Original Message ----- From: "Bryan Andrews" <bandrews@xxxxxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Friday, October 11, 2002 9:02 AM Subject: [isalist] RE: VPN - Any thoughts on this? http://www.ISAserver.org Anyone have any thoughts on this? Thanks! -----Original Message----- From: Bryan Andrews Sent: Wednesday, October 09, 2002 12:43 PM To: [ISAserver.org Discussion List] Subject: [isalist] VPN http://www.ISAserver.org I've read the article about vpn by Thomas: http://www.isaserver.org/pages/article.asp?id=232 And I have a couple of questions if anyone would like to respond: 1. I am operating under the assumption that if you choose to uncheck 'use the default gateway on the remote network' then you are putting your remote network at risk as the remote user is then connected to the internet at their isp and theoretically could expose your network. 2. I don't really understand why you need to use a proxy for http if you are 'using the default gateway on the remote network'. Seems self explanatory. 3. Lastly, how should users connect IM when they are connected via vpn or use any other internet protocols? I have never used proxy as all my clients have been secure nat. I'd like the users to be able to work as they always do when connected. Any thoughts on this are appreciated. Thanks. -----Original Message----- From: Quillman Shawn (RBNA/CIT7) [mailto:Shawn.Quillman@xxxxxxxxxxxx] Sent: Wednesday, October 09, 2002 12:27 PM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Changing log file location. http://www.ISAserver.org I'm assuming the new folder exists :) Check the permissions on the new folder and the logs themselves (if you copied them from the default log folder). If ISA can't access them then there would be issues. If you did copy the logs into the new folder have you tried starting the services without anything in the folder and letting ISA create a new log file? Also the logs must be on a local volume. I think I remember you saying that this is the case, but can't remember for sure. I'll keep thinking, too. These are fairly obvious suggestions..... -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CIT7 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-2855 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: itmail@xxxxxxxxxx [mailto:itmail@xxxxxxxxxx] Sent: Wednesday, October 09, 2002 11:24 AM To: [ISAserver.org Discussion List] Subject: [isalist] Re: Changing log file location. http://www.ISAserver.org Yes, after changing log location I restarted service and they would not come back till I set the log location back to default. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bandrews@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bandrews@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: bandrews@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')